Redeemer
Tags:
Level: Starting Point
Date: 2025-08-25
VM IP: 10.129.2.71
Task 1
Which TCP port is open on the machine?
┌──(macc㉿kaliLab)-[~]
└─$ nmap -p1-10000 10.129.2.71
Starting Nmap 7.95 ( https://nmap.org ) at 2025-08-26 12:45 MDT
Stats: 0:00:04 elapsed; 0 hosts completed (1 up), 1 undergoing SYN Stealth Scan
SYN Stealth Scan Timing: About 35.28% done; ETC: 12:46 (0:00:07 remaining)
Nmap scan report for 10.129.2.71
Host is up (0.11s latency).
Not shown: 9999 closed tcp ports (reset)
PORT STATE SERVICE
6379/tcp open redis
Nmap done: 1 IP address (1 host up) scanned in 36.52 seconds
flag: 6379
Task 2
Which service is running on the port that is open on the machine?
flag: redis
Task 3
What type of database is Redis? Choose from the following options: (i) In-memory Database, (ii) Traditional Database
flag: In-memory Database
What is Redis?
Redis (REmote DIctionary Server) is an open-source advanced NoSQL key-value data store used as a database, cache, and message broker. The data is stored in a dictionary format having key-value pairs. It is
typically used for short term storage of data that needs fast retrieval. Redis does backup data to hard drives to provide consistency.
The server
Redis runs as server-side software so its core functionality is in its server component. The server listens for connections from clients, programmatically or through the command-line interface.
The CLI
The command-line interface (CLI) is a powerful tool that gives you complete access to Redis’s data and its functionalities if you are developing a software or tool that needs to interact with it.
Database
The database is stored in the server's RAM to enable fast data access. Redis also writes the contents of the database to disk at varying intervals to persist it as a backup, in case of failure.
Task 4
Which command-line utility is used to interact with the Redis server? Enter the program name you would enter into the terminal without any arguments.
- After successfully installing the
redis-cliutility, let us view its help page by typing in theredis-cli -- helpcommand in our terminal to receive a list of all possible switches for the tool and their description.
redis-cli --help
flag: redis-cli
Task 5
Which flag is used with the Redis command-line utility to specify the hostname?
-h : specify the hostname of the target to connect to
flag: -h
Task 6
Once connected to a Redis server, which command is used to obtain the information and statistics about the Redis server?
First connect to the redis server:
┌──(macc㉿kaliLab)-[~]
└─$ redis-cli -h 10.129.2.71
10.129.2.71:6379>
Upon a successful connection with the Redis server, we should be able to see a prompt in the terminal as shown in the image above. One of the basic Redis enumeration commands is info which returns information and statistics about the Redis server. Since the output of this command is pretty long, I have snipped out the less-relevant information
flag: info
Task 7
What is the version of the Redis server being used on the target machine?
Use the info command to list the version of Redis server being used
10.129.2.71:6379> info
# Server
redis_version:5.0.7
redis_git_sha1:00000000
redis_git_dirty:0
redis_build_id:66bd629f924ac924
redis_mode:standalone
os:Linux 5.4.0-77-generic x86_64
arch_bits:64
...
Task 8
Which command is used to select the desired database in Redis?
The keyspace section provides statistics on the main dictionary of each database. The statistics include the number of keys, and the number of keys with an expiration.
In our case, under the Keyspace section, we can see that only one database exists with index 0 .
Let us select this Redis logical database by using the select command followed by the index number of the database that needs to be selected
10.129.2.71:6379> select 0
flag: select
Task 9
How many keys are present inside the database with index 0?
Furthermore, we can list all the keys present in the database using the command:
keys *
Example:
10.129.98.236:6379> keys *
1) "temp"
2) "stor"
3) "flag"
4) "numb"
flag: 4
Task 10
Which command is used to obtain all the keys in a database?
The keys * command is used to see all the keys in a database
10.129.98.236:6379> keys *
1) "temp"
2) "stor"
3) "flag"
4) "numb"
flag: keys *
Task 11
Submit root flag
Finally, we can view the values stored for a corresponding key using the get command followed by the keynote :
get <key>
Example:
10.129.98.236:6379> get "flag"
"03e1d2b376c37ab3f5319922053953eb"
flag: 03e1d2b376c37ab3f5319922053953eb